On Fri, Feb 13, 2015 at 08:17:40PM +0530, Rajeswari K wrote: > We would like to use our internal verification logics for the key exchange > message received at SSL client. That sounds like a bad idea. Let OpenSSL do the work for you, configure appropriate trust anchors, or trusted leaf certificate fingerprints. -- Viktor.